1. Field of the Invention
The present invention relates to the field of network computing and more particularly to the field of proxy server disposition within a computing network.
2. Description of the Related Art
A proxy server is a server configured to service requests of coupled clients by making or passing requests on behalf of the coupled clients to intended destination servers. Generally, a computing client connects to the proxy server, requests a remote resource on a specified destination computing server, for instance a file, a connection, or a web page to name a few. The proxy server in turn can retrieve the requested remote resource on behalf of the computing client by connecting to the specified destination computing server. In certain instances, the proxy server can alter the original request for a remote resource, or the proxy server can alter the retrieved response before passing the response to the computing client. In other instances, the proxy server can service the request without seeking assistance from the specified destination computing server.
Different proxy servers fulfill different roles in the computing network. For example, a proxy server that removes identifying information from a client request for the purpose of anonymity is referred to as an anonymizing proxy server. Also, a proxy server configured to service client requests without contacting the specified destination server, but by retrieving content saved locally from a previous request is referred to as a caching proxy. An intercepting proxy combines the functionality of a general proxy server with a gateway server. Connections made by coupled clients through the gateway are redirected through the proxy without client-side configuration. Intercepting proxies are commonly used to prevent avoidance of an acceptable use policy, and to ease administrative burden, since no client browser configuration is required.
An open proxy is a proxy server configured to accept client connections from any Internet protocol (IP) address and make connections to any remote resource. Finally, a transparent proxy is a proxy server that does not modify the request or response beyond what is required for proxy authentication and identification, whereas a non-transparent proxy is a proxy server that modifies the request or response in order to provide some added service to the user agent, such as group annotation services, media type transformation, protocol reduction, or anonymity filtering.
When a proxy server is used to proxy a transport control protocol (TCP) connection between a remote resource and middleware or another application on a destination server, neither the destination server nor the middleware or application can view the IP address of the remote resource as the proxy server replaces the remote IP address and source port in the IP and transport headers with an IP address and source port associated with the proxy server. As such, the destination server views the proxy server rather than the remote resource as the endpoint.
The lack of visibility of the remote resource in the destination server can defeat the operation of some operating system and application functions within the destination server. Those functions which can depend upon the knowledge and visibility of an IP address, protocol, or port for a remote resource can include policy statement processing for specific resources associated with specific IP addresses, protocols, or port including packet filtering and quality of service (QoS) processing for enforcing a service level agreement (SLA). Other applications rely upon the knowledge and visibility of an IP address, protocols, or ports for a remote resource including terminal emulators that map IP addresses, protocols, or ports to mainframe addresses. Finally, network security applications including intrusion detection systems prefer IP address visibility of remote resources to track the source of a potential attack.